package com.zhb.cloud.realm;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import com.zhb.cloud.mybatis.sys.service.UserService;

public class MonitorRealm extends AuthorizingRealm {
	@Autowired
	private UserService userService;

	// 做授权()
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		// 查询当前用户具有 角色和权限
		SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
		return authorizationInfo;
	}

	// 做认证(主要用于登录)
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
			throws AuthenticationException {
		// 获得存放用户名和密码的令牌
		UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
		String password = userService.findByUserName(token.getUsername()).getPassword();
		if (password == null) {
			// 没有用户名
			// 用户名不存在异常
			return null;
		} else {
			return new SimpleAuthenticationInfo(token.getUsername(), password.toCharArray(), "monitorRealm");
		}
	}
}
